[libvirt] [PATCH for v5.3.0 07/17] security: Document @restore member of transaction list

Cole Robinson crobinso at redhat.com
Wed Apr 10 20:26:24 UTC 2019 

On 3/28/19 11:04 AM, Michal Privoznik wrote:
> Both DAC and SELinux drivers support transactions. Each item on
> the transaction list consists of various variables and @restore
> is one of them. Document it so that as the list of variables grow
> it's easier to spot which variable does what.
> 
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
>  src/security/security_dac.c     | 5 ++++-
>  src/security/security_selinux.c | 5 ++++-
>  2 files changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/src/security/security_dac.c b/src/security/security_dac.c
> index 72026646cf..03c7f8363b 100644
> --- a/src/security/security_dac.c
> +++ b/src/security/security_dac.c
> @@ -79,7 +79,7 @@ struct _virSecurityDACChownItem {
>      const virStorageSource *src;
>      uid_t uid;
>      gid_t gid;
> -    bool restore;
> +    bool restore; /* Whether current operation is set or restore */
>  };
>  
>  typedef struct _virSecurityDACChownList virSecurityDACChownList;
> @@ -155,8 +155,11 @@ virSecurityDACChownListFree(void *opaque)
>   * @src: disk source to chown
>   * @uid: user ID
>   * @gid: group ID
> + * @restore: if current operation is set or restore
>   *
>   * Appends an entry onto transaction list.
> + * The @restore should be true if the operation is restoring
> + * seclabel and false otherwise.
>   *
>   * Returns: 1 in case of successful append
>   *          0 if there is no transaction enabled
> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> index 667ad0fbd4..3cb7e1b3bc 100644
> --- a/src/security/security_selinux.c
> +++ b/src/security/security_selinux.c
> @@ -82,7 +82,7 @@ struct _virSecuritySELinuxContextItem {
>      char *path;
>      char *tcon;
>      bool optional;
> -    bool restore;
> +    bool restore; /* Whether current operation is set or restore */
>  };
>  

I find this line (and the others like it) difficult to read. I think
this helps:

/* Whether current operation is 'set' or 'restore' */

Regardless:

Reviewed-by: Cole Robinson <crobinso at redhat.com>

- Cole

More information about the libvir-list mailing list